I am having a problem/misunderstanding with SSL-TLS. My situation is as follows: I have 2 backend applications developed in Golang; they should communicate with each other over HTTPS, HTTP is not allowed. Each application is running on a separate server.

Currently I am using Caddy as the HTTP server and for proxy redirections; I also use it to get the SSL certificate from Let's Encrypt. Now, when I try to communicate from ApplicationA to ApplicationB I cannot connect. I checked the logs of ApplicationB and this is the error:

Handshake failed when using builtin TLS package: no cipher suite supported by both client and server

I also read that this error is common when using Let's Encrypt certificates; is that true? Some people recommend buying a certificate instead. In that case, where is the problem: with ApplicationA, ApplicationB, or both? I am not skilled in the TLS area, so I am looking for help.

I am using Go 1.8

fuglede
Sredny M Casanova
  • The signer certainly has no impact on the available cipher suites, so insofar as the error message is accurate, whether you use Let's Encrypt or another CA plays no role. – fuglede Jul 26 '17 at 18:14
  • @fuglede ok, what would be the cause of the error? I found it https://groups.google.com/forum/#!topic/golang-nuts/neu_jKq9pYk – Sredny M Casanova Jul 26 '17 at 18:16
  • Caddy allows only a very limited set of cipher suites by default, but they can be modified (https://caddyserver.com/docs/tls). Which library are you using for the client? – fuglede Jul 26 '17 at 18:19
  • @fuglede I am using github.com/ory-am/hydra/sdk ...The client app, indeed is this one https://github.com/ory/hydra-consent-app-go – Sredny M Casanova Jul 26 '17 at 18:23
  • That looks like it's a webserver itself; can you provide the code you use to communicate with the Caddy instance, as well as the output of `openssl s_client -connect caddy-host:443` (to get an idea of which ciphers it wants to use)? – fuglede Jul 26 '17 at 20:30

0 Answers
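An added example, not code from the question or from any of the projects named in it: it reproduces the logged error with Go's `crypto/tls` by giving the client and the server disjoint `CipherSuites` lists, then shows the handshake succeeding once they share a suite. The `handshake` helper, the two single-suite lists and the throwaway `localhost` certificate are constructed for the demonstration; TLS is capped at 1.2 because `CipherSuites` only governs TLS 1.2 and earlier.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/tls"
	"crypto/x509"
	"fmt"
	"math/big"
	"net"
	"time"
)

// Constructed single-suite lists used to force a match or a mismatch.
var gcmOnly = []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256}
var cbcOnly = []uint16{tls.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA}

// handshake runs one in-memory TLS 1.2 handshake using a throwaway
// ECDSA certificate and returns the error seen by each side.
func handshake(serverSuites, clientSuites []uint16) (srvErr, cliErr error) {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1),
		DNSNames:     []string{"localhost"},
		NotBefore:    time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour),
	}
	der, _ := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	leaf, _ := x509.ParseCertificate(der)
	roots := x509.NewCertPool() // client trusts only the constructed certificate
	roots.AddCert(leaf)
	srv := &tls.Config{
		Certificates: []tls.Certificate{{Certificate: [][]byte{der}, PrivateKey: key}},
		CipherSuites: serverSuites, MaxVersion: tls.VersionTLS12,
	}
	cli := &tls.Config{
		RootCAs: roots, ServerName: "localhost",
		CipherSuites: clientSuites, MaxVersion: tls.VersionTLS12,
	}
	c, s := net.Pipe()
	done := make(chan error, 1)
	go func() { done <- tls.Server(s, srv).Handshake(); s.Close() }()
	cliErr = tls.Client(c, cli).Handshake()
	c.Close()
	return <-done, cliErr
}

func main() {
	fmt.Println(handshake(gcmOnly, cbcOnly)) // disjoint lists: both sides fail
	fmt.Println(handshake(gcmOnly, gcmOnly)) // shared suite: <nil> <nil>
}
```

The descriptive message is produced only on the server side; the client just sees the handshake-failure alert, which is why the server's log is the place to look.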